Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ClamAV < 0.96 Multiple Vulnerabilities (deprecated)

High

Synopsis

The remote host is running an anti-virus application that is vulnerable to multiple attack vectors.

Description

according to its version, the clamd anti-virus daemon on the remote host is earlier than 0.96. Such versions are reportedly affected by multiple vulnerabilities :

- An attacker could bypass anti-virus detection by embedding malicious code in a specially crafted 'CAB' file. (1826)

- An error in the 'qtm_decompress()' function in 'libclamav/mspack.c' could lead to memory corruption when scanning a specially crafted Quantum-compressed file. (1771)

Solution

Upgrade to ClamAV 0.96 or later.